Open Closed

How to add IdentityServerIdentityResourceClaims value in OpenId #7282


User avatar
0
Priyanka created

Recently, I have migrated IdentityServer to OpenIddict but after migration my UI is not loading as I'm not getting values of IdentityServerIdentityResourceClaims table, what is the table replacement for IdentityServerIdentityResourceClaims in OpenIddict.

ABP Framework version: v8.1.1

UI Type:React

Database System: EF Core (SQL Server)

Tiered (for MVC) or Auth Server Separated (for Angular): yes

Exception message and full stack trace:NA

Steps to reproduce the issue: Migrate from IdentityServer to OpenIddict


8 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    See: https://docs.abp.io/en/abp/latest/Modules/OpenIddict#tables

    The table is OpenIddictScopes

  • User Avatar
    0
    Priyanka created

    Hi,

    See: https://docs.abp.io/en/abp/latest/Modules/OpenIddict#tables

    The table is OpenIddictScopes

    In my IdentityServerIdentityResourceClaims table I have below fields

    Type sub birthdate family_name gender given_name locale middle_name name nickname picture preferred_username profile updated_at website zoneinfo email email_verified address phone_number phone_number_verified role

    In this table OpenIddictScopes, am I supposed to add above values in "Resources" column, if yes, will it be comma separate or 1 value in one row?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You need to add a scope for each

  • User Avatar
    0
    Priyanka created

    Hi,

    You need to add a scope for each

    Hi, as suggested I have inserted data in OpenIddictScopes but earlier when I was using IdentityServerIdentity this was the data in my auth variable

    "token_type":"Bearer","scope":"openid offline_access","profile":{"s_hash":"DS82_CYQtxmPC76J8Yjz_w","sid":"FFCD5C72C428640804F41F72DAFC8059","sub":"8405d374-ec46-1ed7-bc4d-3a04e58abcde","auth_time":1717402623,"idp":"local","preferred_username":"admin","given_name":"admin","amr":["pwd"]},"expires_at":1748939693

    Now, I'm getting this in my auth variable "token_type":"Bearer","scope":"openid offline_access","profile":{"sub":"8405d374-ec46-1ed7-bc4d-3a04e58abcde","oi_au_id":"85c661bd-a8e3-f572-3657-3a12880f1aa6","azp":"eFC_App","oi_tkn_id":"6884f2bd-465d-19bb-d606-3a12ef7a0f53"},"expires_at":1717408376}

    Is there any other change required to get all properties? I want to get preferred_username, given_name, auth_time etc. in Profile.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You need to add the claims manually.

    https://docs.abp.io/en/abp/latest/Modules/OpenIddict#updating-claims-in-access_token-and-id_token https://docs.abp.io/en/abp/latest/Authorization#claims-principal-factory

  • User Avatar
    0
    Priyanka created

    Hi,

    You need to add the claims manually.

    https://docs.abp.io/en/abp/latest/Modules/OpenIddict#updating-claims-in-access_token-and-id_token https://docs.abp.io/en/abp/latest/Authorization#claims-principal-factory

    Hi, right now I'm using below class for claim public class myAppUserClaimFactory : UserClaimsPrincipalFactory<Volo.Abp.Identity.IdentityUser, Volo.Abp.Identity.IdentityRole>, ITransientDependency,

    Is it not required now?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Yes, you don't need it. we refactored the new claims contributor system

  • User Avatar
    0
    Priyanka created

    Hi,

    Yes, you don't need it. we refactored the new claims contributor system

    Hi, thank you for the above links, I'm able to add custom claims now.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 05, 2024, 12:19